Azure / "Invalid client secret"

Time: 2022-01-22 23:41:05

I'm starting out with Ansible, trying to make vms etc in Azure.

I am stuck a bit on the authentication thing. This is the command I used to create what I thought I needed:

az ad sp create-for-rbac --name AzureTools --password "A Password I Made Up"

Then I made the ~/.ansible/credentials file with the following contents:

[default]
subscription_id=my-sub-id
client_id=the appId from when I ran the previous command
secret='A Password I Made Up'
tenant=the tenantid from the above command

And when I try to run the Ansible playbook, I get this (Invalid client secret is provided). See the full error below:

fatal: [localhost]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_QL57O_/ansible_module_azure_rm_virtualmachine.py\", line 1553, in <module>\n    main()\n  File \"/tmp/ansible_QL57O_/ansible_module_azure_rm_virtualmachine.py\", line 1550, in main\n    AzureRMVirtualMachine()\n  File \"/tmp/ansible_QL57O_/ansible_module_azure_rm_virtualmachine.py\", line 651, in __init__\n    supports_check_mode=True)\n  File \"/tmp/ansible_QL57O_/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\", line 265, in __init__\n  File \"/usr/local/lib/python2.7/dist-packages/msrestazure/azure_active_directory.py\", line 440, in __init__\n    self.set_token()\n  File \"/usr/local/lib/python2.7/dist-packages/msrestazure/azure_active_directory.py\", line 473, in set_token\n    raise_with_traceback(AuthenticationError, \"\", err)\n  File \"/usr/local/lib/python2.7/dist-packages/msrest/exceptions.py\", line 48, in raise_with_traceback\n    raise error\nmsrest.exceptions.AuthenticationError: , InvalidClientError: (invalid_client) AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.\r\nTrace ID: 34de605e-5d21-4be2-84c1-27759ffe0000\r\nCorrelation ID: e62ed2ee-46b8-4847-9c1d-0c1e24ab711a\r\nTimestamp: 2018-03-08 21:00:55Z\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE",
    "rc": 0

So, what am I missing? Is the secret not supposed to be that password? If not, what should it be? All the docs just say "just put your secret here" but they don't explain what it is or where it comes from.

Environment: Ubuntu 16.04 running in a vm in Azure.

ansible 2.4.3.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/path/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.12 (default, Nov 20 2017, 18:23:56) [GCC 5.4.0 20160609]

Please let me know if I've missed providing any info.

Thanks in advance!

1 solution

#1


1  

In the secret line, you should remove the single quotes. I tested this in my lab: if I use single quotes, I get the same error log as you.

The second problem is that you should create the credentials file in ~/.azure/credentials, not ~/.ansible. For more information about this, please refer to this link.
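
The two points in the answer above, turned into a check; this is an added example, not part of the original answer or of Ansible's code. It assumes the credentials file is read with an INI parser such as Python's configparser, which keeps surrounding quotes as part of the value; the function names, the sample values and the file-mode check are constructed for illustration.

```python
import configparser
import os
import stat
import tempfile

# Location named in the answer above
DEFAULT_PATH = os.path.expanduser("~/.azure/credentials")
REQUIRED = ("subscription_id", "client_id", "secret", "tenant")


def check_credentials(path, profile="default"):
    """Return a list of findings for an Azure credentials INI file."""
    parser = configparser.ConfigParser(interpolation=None)  # secrets may contain '%'
    parser.read(path)
    if not parser.has_section(profile):
        return ["missing [%s] section" % profile]
    findings = []
    for key in REQUIRED:
        if not parser.has_option(profile, key):
            findings.append("missing key: %s" % key)
            continue
        value = parser.get(profile, key)
        # INI values are taken literally: quotes are not stripped, so
        # secret='abc' yields the 5-character string 'abc' with quotes.
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            findings.append("%s is wrapped in quotes" % key)
    # Added hardening check (assumption, not from the page): owner-only access.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append("file mode %o allows group/other access" % mode)
    return findings


def write_sample(secret_line):
    """Write a constructed credentials file and return its path."""
    fd, path = tempfile.mkstemp()  # created with mode 0600
    with os.fdopen(fd, "w") as handle:
        handle.write("[default]\nsubscription_id=00000000-sub\n"
                     "client_id=00000000-app\n%s\ntenant=00000000-tenant\n"
                     % secret_line)
    return path


if __name__ == "__main__":
    print(check_credentials(write_sample("secret='constructed-secret'")))
    print(check_credentials(write_sample("secret=constructed-secret")))
    if os.path.exists(DEFAULT_PATH):
        print(check_credentials(DEFAULT_PATH))
```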
